IT Security Engineer M/F

The IT Security Engineer is enthusiastic about cybersecurity understanding the business ecosystem and committed to implementing robust security measures and technologies. They actively engage in protecting the organizations information assets and critical data from cyber attacks and risks ensuring the security and integrity of digital projects initiatives and processes.

The IT Securty Engineer is responsible for implementing managing and monitoring security measures to protect the organizations information systems and networks. This role involves hands-on technical work to ensure the security systems are effective and up-to-date responding to security incidents and maintaining the overall security posture of the organization.

Design and Implementation Activities
Develops implements and maintains security solutions that enable the enterprise to protect its information assets and capabilities ensuring alignment with business technology and threat drivers.
Develops and executes security plans based on established security practices and frameworks.
Creates and updates security documentation (e.g. configurations procedures standards) to leverage security capabilities in projects and operations.
Collaborates with IT Infrastructure & Operations to establish and maintain baseline security configuration standards for operating systems (e.g. OS hardening) applications networking identity and access management (IAM) mobile devices cloud environments AI/ML services and cybersecurity platforms.
Drafts and implements security procedures and standards ensuring they are reviewed and approved by IT management.
Monitors developments and changes in the digital business and threat environments to ensure they are adequately addressed in security plans and the implementation of security controls.
Validates IT and OT infrastructure for security best practices and recommends changes to enhance security and reduce risks where applicable.
Assesses security configurations and access to security infrastructure tools including firewalls SASE platform Email Security Gateways XDR MDR SIEM and cloud environments.
Conducts or facilitates threat modeling of services and applications to identify and mitigate risks associated with the service or application.
Supports the development and implementation of IT security controls to protect the organizations information assets.
Reviews security technologies tools and services and makes recommendations to the broader IT team for their use based on risk and operational metrics.

Collaboration
Works with business teams to conduct security assessments of existing and prospective vendors and services including:
o Information systems used to process critical and strategic business data.
o Web applications.
o Cloud solution providers (IaaS PaaS SaaS).
o Business process outsourcing (BPOs).
o Managed service providers (MSPs).
Partners with IT Infrastructure & Operations (I&O) to ensure security by design in infrastructure and applications collaborating on maintaining security platforms applications and controls.
Evaluates statements of work (SOWs) for vendors and service providers to ensure that adequate security protections and controls are in place.
Collaborates with other IT members to share best practices and insights fostering a culture of continuous improvement in cybersecurity.
Participates in application operations and infrastructure projects to provide security by design advice.

Business-Related Skills

The IT Security Engineer should share insights with the IT team and other business units. Key skills include:

Technical planning: Interpret business technology and threat drivers to develop security solutions.
Communication: Translate complex security issues into business terms for colleagues presenting analyses in person and in writing. Full professional proficiency in English is required.
Financial analysis: Evaluate security technologies assess financial costs quantify purchasing and licensing options estimate labor costs and calculate total cost of ownership (TCO) Return on Investment (ROI) or payback period.
Project management: Draft project plans and coordinate with stakeholders for security services and technology implementations.

Technical-Related Skills:

o Hands-on experience managing security infrastructure: firewalls intrusion prevention systems (IPSs) endpoint and extended detection and response (EDR/XDR) Security Information and Event Management (SIEM) and log management technologies.

o Hands-on experience with vulnerability management processes and tools.

o Experience with threat modeling methodologiesto identify and mitigate risks in new applications and services.

o Experience implementing and managing security in public cloud services primarily Microsoft Azure.

Full-Stack IT Infrastructure Knowledge:

o Applications: Understanding of application security principles and practices.

o Databases: Knowledge of database security.

o Operating Systems: Proficiency in Windows server and workstation versions (mandatory) and Linux (desirable).

o Hypervisors: Experience in securing virtualization technologies.

o Networks: Knowledge of WAN LAN SASE security practices.

o Backup Solutions: Experience with backup solutions especially Veeam.

Identity and Access Management (IAM):

o Experience with Windows Active Directory and Azure Entra ID.

o Knowledge of Privileged Access Management (PAM) and Privileged Identity Management (PIM) solutions.

IT Service Management:

o Change Management: Understanding of processes to manage changes in IT services.

o Configuration Management: Knowledge of maintaining information about configuration items required to deliver IT services.

o Asset Management: Experience in managing IT assets to ensure they are secure.

o Incident Management: Skills in managing and resolving incidents to restore normal service operation.

o Problem Management: Ability to identify and manage the root causes of incidents.

Knowledge of Cybersecurity Frameworks: Familiarity with frameworks like NIST Cybersecurity Framework (CSF) and ISO 27001.

Collaboration Tools: Knowledgeable in Microsoft 365 collaboration tools.

Cybersecurity certifications are considered a plus:

- ISACA CISM.

- ISC2 CISSP.

- Microsoft Cybersecurity Architect Expert - SC100.